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USING SyncML TO MANAGE PRIVACY PREFERENCES 

(57) Abstract: The invention provides a method and/or system for managing privacy preferences in a communication network which 
comprises a client entity and a network element. The privacy preferences are included in a data object stored in, or accessible to, the 
client entity. The data object is sent to the network element using a synchronisation protocol, for managing the privacy preferences 
Q in accordance with the data object. The synchronisation protocol preferably is the SyncML protocol. Additionally, a proxy element 
may be provided which communicates with both the client entity and the network element. The client entity preferably may be a 
^ user equipment, preferably a computer or mobile station. (Fig. 3) 
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TITLE 

5 METHOD AND SYSTEM FOR PRIVACY PREFERENCES MANAGEMENT USING A 

SYNCHRONISATION PROTOCOL 

FIELD AND BACKGROUND OF THE INVENTION 

10 

This invention generally relates to the management of user 
privacy preferences in a network. 

More specifically, the invention relates to Privacy Preferen- 
15 ces Management using a synchronisation protocol such as 
SyncML . 

Generally, the interaction model of the World Wide Web (www) 
is based on a simple client /server interaction. 

20 

Fig. 1 shows the basic structure of such an interaction mo- 
del. According to this interaction, a client 1 requests a re- 
source from a server (origin server) 2 based on a uniform re- 
source identifier (URI) . In response to this request the ser- 

25 ver 2 is able to provide some service to the client 1. The 
communication between client 1 and server 2 is indicated by 
the double-headed arrow 3. In this interaction process, the 
server 2 will often require data from the client 1. Such data 
may include the client's PKI Digital Certificate (PKI, Public 

30 Key Infrastructure) , or some details about the user on whose 
behalf the client 1 makes the requests (e.g. username/pass- 
word, users address) . 

In such an environment, the client 1 can readily determine a 
35 user f s privacy preferences (due to direct interaction with 
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the user) and act accordingly when personal user data is re- 
quired. ; ". 

User privacy preferences can be very complex data objects. 
5 They can also tend to be very personalised and unique to in- 
dividuals. They represent preferences with regards to what 
data is given out to whom and on what circumstances and si- 
tuations that data may be used, stored and forwarded. The 
building up of such a data object represents a substantial 
10 investment on behalf of the user. 

Due to various constraints in the wireless communication the 
actual implementation of the interaction model may be diffe- 
rent than in the www model. In a wireless connection, addi- 
15 tional network elements are preferably introduced to distri- 
bute the load across the network. 

Such an interaction model for wireless communication is shown 
in Fig. 2. The constraints which may favour the use of these 
20 additional network elements 5, 9 include the following situa- 
tions: The bandwidth of the network link between a client 4 
and an origin server 7 may be very low, or the latency of the 
link may be poor. 

25 In such cases a Performance Enhancing Proxy (PEP) 5 may be 
provided which acts as an impedance matching element, mat- 
ching the characteristics of the wireless network to that of 
the fixed line network. The functions of PEPs include 
caching, data encoding and compression, etc. 

30 

In other cases the client 4 may be able to indicate that data 
required by the origin server 7 may be retrieved from a Sup- 
porting Server (SS) 9. A Supporting Server is a network ele- 
ment having a higher bandwidth connection to the origin ser- 
35 ver 7. 
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The client/origin server interaction requires processing po- 
wer on the client side which the client normally does not 
have. In this case the additional network element (s) 5/. 9 
5 supplies the required processing power. The communication 

between client 4, PEP 5, origin server 7, and Supporting Ser- 
ver 9 is indicated by arrows 6, 8, and 10, .respectively. 

In the environment described above there are many cases when 
10 it is desirable (or even necessary) for the network elements 
5, 9 performing on behalf of the client to have some knowled- 
ge of the users privacy preferences. 

For various reasons (including legislative) the distribution 
of personal data should normally be restricted and governed 
by strict guidelines. These guidelines have been outlined by 
authorities such as Federal Trade Commission (FTC) in the USA 
(or, by authorities e.g. in EU [EU] , OECD [OECD] etc.).' As an 
example, the FTC Fair Information Practices are: 
Notice - A user should be notified what personal data is 
used, who is using it, and how it is used; 

Choice - A user should be able to choose as to whether or not 
to allow that use; 

Access - A User should have access to such data whereever it 
is used; 

Security - User data should be protected at all times using 
reasonable security precautions. 

When, due to bandwidth and other constraints in a wireless 
30 network, use is made of additional network elements such as 
Supporting Servers (SS) 9 and/or Performance Enhancing Pro- 
xies (PEP)' 5 to distribute load in the network and to perform 
many tasks on behalf of clients 4, the additional network 
elements may need to know the users 1 privacy preferences in 
35 order to perform these tasks and to allow the network ele- 
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merits to conform to the privacy guidelines mentioned. 

Current network elements with the ability to support users 
privacy preferences usually have some graphical user inter- 
5 face (GUI) allowing the user to set preferences directly on 
the network element. These preferences are unique to that 
particular network element. This means that if one or more 
users wish to express their preferences to various network 
elements they have to set them separately each time for each 
10 server. 

As an example, consider a case of changing Service Provider 
where a user wishes to obtain this privacy protection service 
from a different provider. Currently in proxied privacy solu- 
15 tions those user privacy preferences are entered directly at 
the network element using a proprietary user interface. The 
user would have to once again develop his/her privacy prefe- 
rences and input them in the appropriate network element of 
the new service provider. 

20 

There is a problem that although it would be advantageous for 
network elements to be aware of a user ! s personal privacy 
preferences there is currently no standardized way of upda- 
ting and managing those privacy preferences. 

25 

SUMMARY OF THE INVENTION 

The present invention provides a method and/or system for ma- 
30 naging users 1 privacy preferences in a networked environment 
such as described above. 

In accordance with a preferred aspect of the invention, there 
is provided a method and/or system for managing privacy pre- 
35 ferences in a communication network comprising a client enti- 
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ty and a network element, e.g. a server, wherein the privacy 
preferences are included in a data object stored in, or ac- 
cessible to, the client entity, and the data object is sent 
to the network element using a synchronisation protocol, for 
5 managing the privacy preferences in accordance with the data 
object. The synchronisation protocol preferably is the SyncML 
protocol . 

Additionally, a proxy element may be provided which communi- 
10 cates with both the client entity and the network element. 
The client entity preferably may be a user equipment, pre- 
ferably a computer or mobile station. 

The client entity or an intermediate proxy element may be ad- 
15 apted to request a policy reference file and/or po- 
licy/policies from the server and to determine available pri- 
vacy preferences based on the received policy/policies and 
the privacy preferences contained in the data object. In the 
case of providing an intermediate proxy element, the client 
20 entity preferably sends the data object containing the pri- 
vacy preferences to the intermediate proxy element using the 
synchronisation protocol. 

According to one of the preferred implementations of the in- 
25 vention, the architecture comprises a data object containing 
the users privacy preferences on the client entity. Use is 
made of a synchronisation protocol such as the SyncML proto- 
col [SyncML] to synchronise those preferences with versions 
of the users privacy preferences on network elements. The use 
30 of the synchronisation protocol allows preferences to be ad- 
ded, modified, deleted on the client entity and those changes 
to be propagated to the network element. 

Using a synchronisation protocol such as SyncML in this man- 
35 ner provides many advantages for managing user privacy prefe- 

I ; 
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rences between client entities and network servers. These 
advantages include: 

It allows for a standard method of synchronising privacy 
preferences between a client entity and network element. 
5 Due to the fact that a local copy of the privacy preferences 
is retained in the client entity, there is no need to enter 
the privacy preferences separately for each network element. 
By using this technique, the client entity User Interface 
(UI) can be used to modify privacy preferences on the client 

10 entity. This is very advantageous because it allows the user 
to modify privacy preferences using a UI she/he is already 
familiar with. The user only has to learn the operation of 
only a single UI for modifying privacy preferences. This al- 
lows the terminal manufacturer to tailor the UI to best suit 

15 the form factor of the client entity. 

By having a local copy of their preferences the users 
have greater control over their privacy preferences. 

In situations where the client entity has direct access 
20 to origin servers (i.e. unproxied, with no additional network 
elements) the local privacy preferences can be used for pri- 
vacy negotiation. 

The invention allows to synchronise several remote servers to 
25 a single terminal. A user who uses different servers can be 
provided from all servers with the same user preferences on 
her/his terminal. 

The use of the synchronisation protocol affords the network 
30 element a simple mechanism to inform the user that their pri- 
vacy preferences may need to be updated. 

The invention basically provides the ability to synchronize 
privacy preferences with a server via a synchronisation 
35 protocol e.g. via SyncML. The server has the ability to store 
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privacy preferences and synchronize them with a terminal e.g. 
via SyncML.- The terminal such as a Mobile terminal is 
preferably able to edit and store privacy preferences. The 
invention does not need to modify any standard. The invention 
5 may be used in an end-to-end system for wireless 
applications . 

The mapping of synchronization entities in SyncML, and their 
possible encoding (if encoded to WBXML) may be standardised. 

According to one of the embodiments of the invention, servers 
in a wireless application environment store privacy 
preferences and validate services against them on behalf of 
mobile end-users. When an end-user edits or modifies 
preferences on a mobile device, these are synchronized via a 
synchronisation protocol such as SyncML with the information 
stored on the servers. 

This invention thus provides an easy method of managing pri- 
20 vacy preferences between a client entity and a network ele- 
ment that requires knowledge of those preferences. The -inven- 
tion proposes the use of a synchronisation protocol, pre- 
ferably SyncML, as a method of managing user privacy prefe- 
rences between a client entity and a network element which 
25 requires knowledge of those preferences. This network element 
may be a network server such as a Supporting Server (SS) or 
it may be a Performance Enhancing Proxy (PEP) . 

30 BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 shows a simplified view of the web architecture 
illustrating the communication between a web client entity 
and an origin server; 

35 . ■. 
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Fig, 2 is a simplified view of the wireless internet 
showing a client entity and origin server as well as Perfor- 
mance Enhancing Proxies (PEP's) and Supporting Servers (SS f s) 
used to distribute load; 

Fig. 3 illustrates an embodiment of the invention archi- 
tecture showing the use of SyncML with a client entity acting 
as a SyncML client entity and a network element acting as a 
SyncML server; 

Fig. 4 shows an embodiment of the invention using the 
P3P protocol; and 

Fig. 5 illustrates a further embodiment in accordance 
15 with the present invention which uses the P3P protocol and a 
P3P proxy. 
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DESCRIPTION OF PREFERRED EMBODIMENTS OF THE INVENTION 

20 

According to preferred embodiments of the invention, both the 
client and the network element support the use of a synchro- 
nisation protocol such as the SyncML protocol. Further, the 
client entity and the network element have and use an agreed 
25 data format for the expression of user privacy preferences. 
One such well known format is APPEL [APPEL, A P3P Preference 
Exchange Language] . 

In addition there is preferably provided a suitable arrange- 
30 ment for the user(s) to modify their privacy preferences. A 
suitable method is to provide a user interface (UI) in the 
terminal allowing the user(s) to modify their preferences on 
the client entity. A synchronisation protocol such as SyncML 
protocol is used to synchronise those preferences with the 
35 users preferences on the network element. 
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Additionally or alternatively there can be provided a user 
interface on the network element. The synchronisation proto- 
col, e.g. SyncML protocol synchronises the preferences with 
5 the client entity set of preferences. Once synchronised, the 
client entity set can be used to synchronise with other net- 
work elements. 

The terminal (s) preferably include an interface to modify 
10 user privacy preferences. Further, the terminals are able to 
connect to a SyncML server in order to transmit those prefer- 
ences . 

Similar features are preferably present in network elements 
15 supporting this feature. There is synchronisation protocol 
(preferably SyncML) support in the network element. 

Devices and systems such as networks and/or terminals are 
preferably implemented such that they support the synchroni- 

20 sat ion protocol, e.g. SyncML protocol, and provide support 
for user privacy. The invention can also be related to the 
WAP standards for providing Privacy in this area. This inven- 
tion offers a solution to the management of user privacy pre- 
ferences in an environment which uses proxies containing user 

25 privacy preferences. 

The invention provides a standard and easy way to synchronize 
preferences between a wireless terminal and several other 
servers, as well as for servers to notify the client entity 
30 of the necessity of profile updates. 

Preferences can be updated on the terminal (off-line), and 
synchronized only when needed or possible (radio coverage) . 

35 The reliance upon synchronization protocols such as SyncML 

9 
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allows a user to synchronize preferences with other users, or 
with the preferences defined for groups (e.g. clubs, 
subscriber categories, etc) . This is a useful feature, since 
the exchange of privacy preferences in the P3P framework may 
5 be complicated. 

In general, the synchronisation protocol such as SyncML can 
be used for a variety of synchronization and update purposes. 

10 According to a preferred implementation of the invention, 
there is provided the ability to mapping of the preference 
synchronization to SyncML commands and constructs. The 
synchronisation protocol can be extended with code pages 
specifically meant for privacy preferences, e.g. if WBXML 

15 [Wireless (or WAP) Binary XML, XML Extensible Markup Langua- 
ge] encoding is considered. 

The exchange of privacy preferences among entities in the 
network may use the security features of SyncML. 

20 

Considering e.g. the above discussed case of changing Service 
Provider where a user wishes to obtain the privacy protection 
service from a different provider, the user does no longer 
have to once again develop his/her privacy preferences and 
25 input them in the appropriate network element of the new ser- 
vice provider. Using the present invention the privacy prefe- 
rences are stored locally and can be sent to the new network 
element, requiring only a synchronising with the new network 
element. 

30 

The architecture of an embodiment of the invention is shown 
in Figure 3. It comprises a data object (data file) 12 con- 
taining the users privacy preferences on a client entity 11 
and also the use of a synchronisation protocol 14, preferably 
35 SyncML protocol [SyncML], to synchronise those preferences 
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with versions (data object 12 1 ) of the users privacy prefe- 
rences on network elements such as network element 13. The 
client entity 11 is in this case a mobile terminal such as a 
mobile phone. The use of the synchronisation protocol allows 
5 preferences to be added, modified, deleted on the client en- 
tity and those changes to be propagated to the network ele- 
ment . 

In the embodiment shown in Fig. 3, the client entity 11 acts 
10 as a SyncML client entity and the network element 13 acts as 
a SyncML server. The data which is being synchronised between 
them are in a format that is agreed by both parties. One pos- 
sibility is to use the APPEL [APPEL] privacy preferences lan- 
guage as specified by W3C, however other data representations 
15 may also be used. 

The following uses cases and embodiments show and describe 
use possibilities and advantages of the invention. 

20 A first use case implemented in the embodiment shown in Fig. 
4 is the use of P3P (P3P - Platform for Privacy Preferences). 
The W3C (W3C - World Wide Web Consortium) has defined an XML 
standard for the exchange of privacy information. Basically, 
P3P is an XML document and handshake which allows a web site 

25 to express the data collected by the website and the intended 
use of that data. A client entity on receipt of an P3P docu- 
ment can then compare the document with privacy preferences 
of the user. In addition, the P3P project contains a standard 
user privacy preferences language APPEL, 

30 

The flow of P3P is described in Figure 4. When a client enti- 
ty 20 is instructed, e.g. by a user, to retrieve a resource 
from a network element such as an origin server 22 (using 
e.g. a URL) it first retrieves (steps 41, 42) a P3P policy 
35 reference file from the origin server 22. This file determi- 

11 
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nes the location of P3P policies which reflect the privacy 
policy of different parts of the web site. The client entity 
20 then retrieves (steps 43, 44) the appropriate policies 
from the origin server 22. Once the policies are retrieved 
5 the client entity 20 compares the policies to the users pri- 
vacy preferences as indicated by field 21 "Determine Privacy 
Preferences". If the comparison is favourable the user's ori- 
ginal request is executed, i.e. the URL resource indicated by 
the user is requested (step 45) from the origin server 22 
10 which returns the requested resource (step 46) . 

In some cases, use of P3P may not be favourable in a con- 
strained environment such as wireless, due to the number of 
additional protocol exchanges required to access a website 
15 when using P3P. As a result thereof there have been proposals 
to introduce a P3P performance enhancing proxy (P3P PEP) for 
performing the protocol exchanges on behalf of the client en- 
tity. 

20 Fig. 5 shows an embodiment employing such a PEP 31. One of 

the problems associated with a P3P proxy solution is the need 
to provide a mechanism for the client entity to communicate 
it's privacy preferences to the P3P proxy. This problem can 
easily be solved with the present invention. The SyncML pro- 

25 tocol allows for the synchronisation of privacy preferences 
between the client entity and the P3P proxy. 

Fig. 5 illustrates a P3P interaction through a proxy 31. A 
client entity 30, e.g. a mobile phone, includes and stores a 
30 data object 33 which contains the privacy preferences of the 
client entity 30 which have e.g. been input by the user of 
client entity 30, or are prescribed by another source. 

In a step 50, the client entity sends a request to the PEP 31 
35 requesting a resource which is e.g. indicated by the URL 

12 
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(Universal Resource Locator) of the resource. In a step 51, 
the PEP 31 requests the P3P Policy Reference File from a net- 
work element (e.g. origin server) 32 which is sent to PEP 31 
in step 52. This file determines the location of P3P policies 
5 which reflect the privacy policy of different parts of the 
web site. The PEP 30 then requests (step 53) the appropriate 
policies from the origin server 32 which returns these poli- 
cies in step 54 . 

10 Once the policies are retrieved the PEP 31 compares the poli- 
cies to the users privacy preferences as indicated by field 
34 "Determine Privacy References". If the comparison is fa- 
vourable the user's original request is executed, i.e. the 
URL resource indicated by the user is requested (step 56) 

15 from the origin server 32 which returns the requested resour- 
ce directly to the client entity (step 57) . 

In the embodiment shown in Fig. 5, the stored data object 33 
containing the privacy preferences of the client entity. 30 is 
20 copied to the PEP 31 using the synchronisation protocol, pre- 
ferably SyncML, in a step 55 so as to provide the PEP 31 with 
the user's privacy preferences. 

Step 55 may be carried out immediately following step 50 or 
25 at any time before implementing step 34. 

Although preferred embodiments have been described above, the 
invention can also be carried out in different manner and in- 
tends to cover any such modification, addition, or omission 
30 of the described features. 
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CLAIMS 

5 1. Method for managing privacy preferences in a communi- 

cation network comprising a client entity and a network ele- 
ment, wherein the privacy preferences are included in a data 
object stored in, or accessible to, the client entity, and 
the data object is sent to the network element using a syn- 
10 chronisation protocol, for managing the privacy preferences 
in accordance with the data object, 

2. Method according to claim 1, wherein the synchronisa- 
tion protocol is SyncML. 

15 

3. Method according to any one of the preceding claims, 
wherein a proxy element is provided which communicates with 
both the client entity and the network element. 

20 4. Method according to any one of the preceding claims, 

wherein the client entity is a user equipment, preferably a 
computer or mobile station. 

5. Method according to any one of the preceding claims, 
25 wherein the client entity requests a policy reference file 

and/or policy /policies from the network element and determi- 
nes available privacy preferences based on the received po- 
licy/policies and the privacy preferences contained in the 
data object. 

30 

6. Method according to any one of the preceding claims, 
wherein an intermediate proxy element requests a policy refe- 
rence file and/or policy/policies from the network element 
and determines privacy preferences based on the received po- 

35 licy/policies and the privacy preferences contained in the 
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data object. 

7. Method according to claim 6, wherein the client enti- 
ty sends the data object containing the privacy preferences 

5 to the intermediate proxy element using the synchronisation 
protocol. 

8. Method according to any one of the preceding claims , 
wherein the client entity and the network element use an 

10 agreed data format for the expression of user privacy prefe- 
rences, preferably the format APPEL [APPEL, A P3P Preference 
Exchange Language] . 

9. Method according to any one of the preceding claims, 
15 wherein the network element is a server. 



10. System for managing privacy preferences in a commu- 
nication network comprising a client entity and a network 
element, wherein the privacy preferences are included in a 
data object stored in, or accessible to, the client entity, 
and the client entity is adapted to send the data object to 
the network element using a synchronisation protocol, for ma- 
naging the privacy preferences in accordance with the data 
object. 

11. System according to claim 10, wherein the synchroni- 
sation protocol is SyncML. 

12. System according to any one of the preceding system 
30 claims, wherein a proxy element is provided which is adapted 

to communicate with both the client entity and the network 
element. 

13. System according to any one' of the preceding system 
35 claims, wherein the client entity is a user equipment, pre- 
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ferably a computer or mobile station. 

14. System according to any one of the preceding system 
claims, wherein the client entity is adapted to request a po- 
5 licy reference file and/or policy /policies from the network 
element and to determine available privacy preferences based 
on the received policy/policies and the privacy preferences 
contained in the data object. 

10 15. System according to any one of the preceding system 

claims, wherein an intermediate proxy element is provided 
which is adapted to request a policy reference file and/or 
policy/policies from the network element and to determine 
privacy preferences based on the received policy/policies and 

15 the privacy preferences contained in the data object. 

16. System according to claim 15, wherein the client en- 
tity is adapted to send the data object containing the .pri- 
vacy preferences to the intermediate proxy element using the 

20 synchronisation protocol. 

17. System according to any one of the preceding system 
claims, wherein the client entity and the network element use 
an agreed data format for the expression of user privacy pre- 

25 ferences, preferably the format APPEL [APPEL, A P3P Prefe- 
rence Exchange Language] . 

18. System according to any one of the preceding system 
claims, wherein the network element is a server. 

30 
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